website/public/newComment.php

36 lines
1.1 KiB
PHP
Raw Normal View History

2020-10-27 13:46:22 +01:00
<?php
include("./internal/mysql.php");
2020-12-30 23:02:45 +01:00
$data = array(
'secret' => $secretkey,
'response' => $_POST['h-captcha-response']
);
2020-10-27 13:46:22 +01:00
2020-12-30 23:02:45 +01:00
$verify = curl_init();
curl_setopt($verify, CURLOPT_URL, "https://hcaptcha.com/siteverify");
curl_setopt($verify, CURLOPT_POST, true);
curl_setopt($verify, CURLOPT_POSTFIELDS, http_build_query($data));
curl_setopt($verify, CURLOPT_RETURNTRANSFER, true);
$response_ = curl_exec($verify);
$responseData = json_decode($response_);
2020-10-27 13:46:22 +01:00
2020-12-30 23:02:45 +01:00
if($responseData->success) {
$ref = $_SERVER["HTTP_REFERER"];
$article = $conn->escape_string(explode(".php", explode("Projekte/", $ref)[1])[0]);
$name = $conn->escape_string($_POST["name"]);
$email = $conn->escape_string($_POST["email"]);
$comment = $conn->escape_string($_POST["comment"]);
$sql = "INSERT INTO comments (name, email, comment, article) VALUES ('$name', '$email', '$comment', '$article')";
if ($conn->query($sql) === TRUE) {
header("Location: $ref");
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
2020-10-27 13:46:22 +01:00
} else {
2020-12-30 23:02:45 +01:00
echo "Failed to verify captcha.";
2020-10-27 13:46:22 +01:00
}